[ 
https://issues.apache.org/jira/browse/GUACAMOLE-407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16417226#comment-16417226
 ] 

Carl Harris commented on GUACAMOLE-407:
---------------------------------------

I'll be happy to do a PR to rework the multi-stage build to use a different 
base image.

Unless there are objections, I would recommend using a Debian base instead of 
Ubuntu. The Debian package repos tend to be maintained at slightly faster pace 
(for example, libssh2 for Debian Stretch (stable) is at version 1.7, but for 
Ubuntu 16.04 (Xenial LTS) is at version 1.5) and the Docker base image layers 
for Debian are generally a little smaller.

Could get the same outcome either way, though.

> Update guacd Docker image to build against more recent dependencies
> -------------------------------------------------------------------
>
>                 Key: GUACAMOLE-407
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-407
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacd-docker
>            Reporter: Sven Gottwald
>            Assignee: Michael Jumper
>            Priority: Trivial
>
> The version of libssh2 within CentOS 7 lacks support for the more-recent 
> versions of SSH key exchange methods and MACs. As the [guacamole/guacd Docker 
> image|https://hub.docker.com/r/guacamole/guacd/] uses CentOS 7, it also lacks 
> this support.
> Currently, the following key exchange methods are supported:
> * diffie-hellman-group14-sha1
> * diffie-hellman-group-exchange-sha1
> * diffie-hellman-group1-sha1
> and the following MACs are supported:
> * hmac-sha1,hmac-sha1-96
> * hmac-md5,hmac-md5-96
> * hmac-ripemd160
> * hmac-ripemd...@openssh.com
> More recent libssh2 includes support for SHA2 and curve25519. See 
> https://wiki.mozilla.org/Security/Guidelines/OpenSSH for more information and 
> references.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to